<?php
    @session_start();
require_once 'shared-functions.php';
require_once 'session.php';
require_once 'masterpage.php';

if (!IsValidSession()) {
    header('Location: login.php?page=student-selector');
    exit();
}
else
{
    RefreshSession();
}

$destination = $_GET['page'] . ".php";
$page = "";
if (isset($_GET['page'])) {
    $page = $_GET['page'];
}
else
{
    $page = "index";
    $destination = "index.php";
}

if (isset($_GET['select'])) {
    $select = $_GET['select'];
}
else
{
    $select = "Select";
}

masterpage("Student Selector");
?>

<a href="add-new-student.php">Add New Student</a><p/>
<form action="student-selector.php?page=<?php echo $page; ?>&select=<?php
if (isset($_GET['select'])) {
    echo $_GET['select'];
}
else
{
    echo 'Edit';
}
?>" method="post">
	Program: 
<?php
		$link = connect_db();
        $query = "SELECT * FROM `Program`;";
        $result = mysql_query($query,$link);
		echo "<select name='ProgramID'>";
		echo "<option value='-1'>All</option>";
        while($program=mysql_fetch_array($result,MYSQL_BOTH))
        {
			$selected = '';
			if(isset($_POST['ProgramID']) && $_POST['ProgramID'] == $program['ProgramID'])
			{
				$selected = ' selected="true" ';	
			}
            echo '<option value ="'.$program['ProgramID'].'" '.$selected.'>'.$program['Name'].', '.
                                                               $program['Code'].'-'.
                                                               str_pad($program['Semester'], 2, '0', STR_PAD_LEFT).
                                                               " ".$program['Year'].'</option>';
        }
		echo "</select><br />";
?>
    <input type="text" name="txtQuery" id="txtQuery" size="25"/>
    <input type="submit" value="Search"/>
    Active: <input type="checkbox" name="active" value="active" checked />
</form>
<p/>
<table class="DataList">
    <tr>
        <th class="header" colspan="7">Select a Student <?php echo " : (".$page.")"; ?></th>
    </tr>
    <tr>
        <th class="header"></th>
        <th class="header">ID</th>
        <th class="header">Last Name</th>
        <th class="header">First Name</th>
        <th class="header">Middle Name</th>
        <th class="header">School ID</th>
        <th class="header">Program</th>
    </tr>

<?php
    $link = connect_db();
    $query = "SELECT *
				FROM `User` 
				INNER JOIN `Student` ON `Student`.`ID`=`User`.`UserID`
				INNER JOIN `Program` ON `Program`.`ProgramID` = `Student`.`programID`";
    if (isset($_POST['txtQuery'])) {
        if(isset($_POST['active']))
        {
            $active = 1;
        }
        else
        {
            $active = 0;
        }
        $query .= " WHERE `User`.`Active` = '".$active."'";
        $query .= " AND (`User`.`FirstName` LIKE '%" . $_POST['txtQuery'] . "%'";
        $query .= " OR `User`.`MiddleName` LIKE '%" . $_POST['txtQuery'] . "%'";
        $query .= " OR `User`.`LastName` LIKE '%" . $_POST['txtQuery'] . "%'";
        $query .= " OR `Student`.`SchoolID` LIKE '%" . $_POST['txtQuery'] . "%'";
        $query .= " OR `User`.`UserID` LIKE '%" . $_POST['txtQuery'] . "%')";
		if(isset($_POST['ProgramID']) && $_POST['ProgramID'] != '-1')
		{
			$query .= " AND `Program`.`ProgramID` = '".$_POST['ProgramID']."'";	
		}
    }
    else
    {
        $query .= " WHERE `User`.`Active` = '1'";
    }

    $students = mysql_query($query, $link);
    if ($students === false) {
        echo "Oops...something went wrong. Please contact support.";
        exit();
    }

    if(mysql_num_rows($students) < 1)
    {
        echo '<tr><td class="rows">No students found.</td></tr>';
    }
    $rowID = 0;
    while ($student = mysql_fetch_array($students, MYSQL_BOTH))
    {
        if ($rowID == 0) {
            $rowClass = "rows";
            $rowID++;
        }
        else
        {
            $rowClass = "altrows";
            $rowID--;
        }
        echo '
        <form action="' . $destination . '" method="post">
        <tr>
            <input type="hidden" name="StudentID" value="' . $student[0] . '" />';
        if (isset($_POST['CourseInstance'])) {
            echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '" />';
        }
        echo'
            <td class="' . $rowClass . '"><input type="submit" value="' . $select . '" /></td>
            <td class="' . $rowClass . '">' . $student['UserId'] . '</td>
            <td class="' . $rowClass . '">' . $student['LastName'] . '</td>
            <td class="' . $rowClass . '">' . $student['FirstName'] . '</td>
            <td class="' . $rowClass . '">' . $student['MiddleName'] . '</td>
            <td class="' . $rowClass . '">' . $student['SchoolID'] . '</td>
			<td class="' . $rowClass . '">' . $student['Name'].', '.
                                              $student['Code'].'-'.
                                              str_pad($student['Semester'], 2, '0', STR_PAD_LEFT).
                                              " ".$student['Year'] . '</td>
        </tr>
        </form>';
    }
    ?>
</table>
<?php
    endmasterpage();
?>

